<?php
function user_experiences_page($uid) {
  global $user;
  if(empty($uid)) {
    $uid = $user->uid;
  }

  $query = db_select("node", "n");
  $query->fields('n', array('nid', 'title', 'created', 'uid'));
  $query->addField("fm", "uri");
  $query->addField("ads", "field_exp_address_value", "address");
  $query->addField("approval", "field_approval_value", "status");
//  $query->leftJoin("field_data_field_name", "name", "name.entity_id = up.pid AND name.deleted = 0");
  $query->leftJoin("field_data_field_exp_address", "ads", "ads.entity_id = n.nid AND ads.deleted = 0");
  $query->leftJoin("field_data_field_exp_photos", "photos", "photos.entity_id = n.nid AND photos.deleted = 0  AND photos.delta = 0");
  $query->leftJoin('file_managed', 'fm', 'fm.fid = photos.field_exp_photos_fid');
  $query->leftJoin("field_data_field_approval", "approval", "approval.entity_id = n.nid AND approval.deleted = 0");
  $query->condition("n.uid", $uid, "=");
	$query->condition("n.type", 'exp_basic');
//  $offset = $page*6;
  $query->range(0, 20);
  $query->orderBy("n.created", "DESC");
  $result = $query->execute();
  $exp_list = array();
  while ($record = $result->fetchObject()) {
    $exp_list[] = $record;
  }
  $items = array();
  $items['data'] = $exp_list;
  $items['page'] = ++$page;
  drupal_add_css(drupal_get_path("module", "account") . "/css/user_experiences.css");
  return theme("user_experiences_page", array('items'=>$items));
}

function get_user_exp($uid) {
  global $user,$language;
  if(empty($uid)){
    $uid = $user->uid;
  }

  $profile_type = substr($language->language, 0, 2);

  $query = db_select("node", "n");
  $query->fields('n', array('nid', 'title', 'created', 'uid'));
  $query->addField("body", "body_value", "detail");
  $query->addField("fm", "uri");
  $query->addField("name", "field_name_value", "exp_name");
  $query->leftJoin('profile', 'up', "up.uid = n.uid AND up.type = '$profile_type'");
  $query->leftJoin("field_data_field_name", "name", "name.entity_id = up.pid AND name.deleted = 0");
  $query->leftJoin("field_data_field_exp_address", "ads", "ads.entity_id = n.nid AND ads.deleted = 0");
  $query->leftJoin("field_data_field_exp_photos", "photos", "photos.entity_id = n.nid AND photos.deleted = 0 AND photos.delta = 0");
  $query->leftJoin('file_managed', 'fm', 'fm.fid = photos.field_exp_photos_fid');
  $query->leftJoin("field_data_body", "body", "body.entity_id = n.nid AND body.deleted = 0");
  $query->condition("n.type", "exp_basic");
  $query->condition("n.uid", $uid);
  $query->orderBy("n.created", "DESC");
  $query->range(0, 6);
  $result = $query->execute();
  $exp_list = array();
  while ($record = $result->fetchObject()) {
    $exp_list[] = $record;
  }
  return $exp_list;
}

function trip_edit_password() {
  global $user;
  $items['user'] = user_load($user->uid);
  $items['type'] = 'password';
  $items['form'] = drupal_render(drupal_get_form('account_password_form'));
  return theme("user_center", array("items" => $items));
}

function account_password_form($form, &$form_state) {
  global $user;
  $account = $user;
  $form['#user'] = $user;

  $protected_values = array();

  // To skip the current password field, the user must have logged in via a
  // one-time link and have the token in the URL.
  $pass_reset = isset($_SESSION['pass_reset_' . $account->uid]) && isset($_GET['pass-reset-token']) && ($_GET['pass-reset-token'] == $_SESSION['pass_reset_' . $account->uid]);
  // The user may only change their own password without their current
  // password if they logged in via a one-time login link.
  if (!$pass_reset) {
    $protected_values['pass'] = t('Password');
  }


  $form['account']['current_pass'] = array(
    '#type' => 'password',
    '#title' => t('Current password'),
    '#size' => 25,
    '#access' => !empty($protected_values),
    '#description' => $current_pass_description,
    '#weight' => -5,
    // Do not let web browsers remember this password, since we are trying
    // to confirm that the person submitting the form actually knows the
    // current one.
    '#attributes' => array('autocomplete' => 'off'),
  );

  $form['account']['pass'] = array(
    '#type' => 'password_confirm',
    '#required' => True,
  );

  $form['account']['current_pass_required_values'] = array(
    '#type' => 'value',
    '#value' => $protected_values,
  );


  $form['submit'] = array(
    '#type' => "submit",
    '#value' => t("Submit"),
    '#attributes' => array('class' => array('btn btn-primary red-btn form-submit')),
  );
  $form['#validate'][] = 'user_validate_current_pass';

  return $form;
}

function account_password_form_submit($form, $form_state) {
  global $user;
  $values = $form_state['values'];
  require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
  $user->pass = user_hash_password(trim($values['pass']));
  user_save($user);
  unset($_SESSION['pass_reset_' . $user->uid]);
  drupal_set_message(t("Change password success!"));
}
